Some Ipv6 features and considerations

In short I would like ipv6 support, but since it requires some thinking to get it right.
I supply a list of features that I believe would have to be addresses by any reasonable good firewall as well as some instructions on how it should work.

Currently I have acquired a public ipv6 address for testing.
Until comodo get ipv6 support I will have to use another firewalll.

  • Rules for UDP,TCP should by default be independent if ip-version.

  • One should be able to create rules for a specific ip version.

  • When specifying ip-addresses one should be able to select some special addresses from a predefined (but dynamic set) {my ipaddress, dhcp server, dns server, gateway}.
    Where “my ip” would be the same as any of the ipv4 or ipv6 addresses of the computer.
    And similar gateway would be the set of addresses of ipv4 and ipv6 gateways.

  • A network interface will have multiple addresses, and different sets of rules may be needed for this.
    → Consider grouping rules into sets like home,work and public like the windows firewall do.
    → For security it is crucial that it is easy to manage the fact that an adapter will have many ipv6 addressses such as (link local and public)
    → Allow one to easily setup individual rules for local ipv6 ( fe80:: ) and public ( 2xxx:: )
    Ex. When at home link local addresses should be trusted, but not when I bring my computer to school.
    But connections to my public ipv6 address should never be trusted.
    (Note: when at “home” I would like to allow multicast by default, but not when in “public”)

When at “home” both windows file sharing and homegroup should be allowed without any manual configuration

+1

I came to try out v4 in the hope it may have grown support for IPv6, alas, it’s no where to be seen :frowning:

I’ve gone back to using Outpost for now. Maybe Comodo can sneak a v5 out before the IPv4 address space becomes depleted.

http://www.ipv4countdown.com/
http://www.potaroo.net/tools/ipv4/index.html